Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
AVE DOMINAplus <=1.10.x suffers from an authentication bypass vulnerability due to missing control check when directly calling the autologin GET parameter in changeparams.php script. Setting the autologin value to 1 allows an unauthenticated attacker to permanently disable the authentication security control and access the management interface with admin privileges without providing credentials.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
AVE DOMINAplus 授权问题漏洞
Vulnerability Description
AVE DOMINAplus是意大利AVE公司的一个应用系统。用于下一代房屋的最佳家庭自动化系统。 AVE DOMINAplus 1.10.x版本及之前版本存在安全漏洞,该漏洞源于存在身份验证绕过漏洞。
CVSS Information
N/A
Vulnerability Type
N/A